<?php

include("connect.php");
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("content-type:application/xml;charset=utf-8;");

$query = "select `Name` From Publication left join PublicationPerson on Publication.ID = PublicationPerson.PublicationID where PersonID = '".mysql_real_escape_string($_GET['personid'])."' ORDER BY `Name` ASC";

// Perform Query
$result = mysql_query($query, $link);

// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
    $message  = 'Invalid query: ' . mysql_error() . "\n";
    $message .= 'Whole query: ' . $query;
    die($message);
}

echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?><items>\n";
while ($row = mysql_fetch_assoc($result)) {
	echo "<item><name>".str_replace("&", "&amp;", $row['Name'])."</name>\n</item>\n";
}
echo "</items>";


// Free the resources associated with the result set
// This is done automatically at the end of the script
mysql_free_result($result);
mysql_close($link);
?>
